A redaction policy was added to the SAL column of the SCOTT.EMP table:
All users have their default set of system privileges.
For which three situations will data not be redacted?
A.
SYS sessions, regardless of the roles that are set in the session
B.
SYSTEM sessions, regardless of the roles that are set in the session
C.
SCOTT sessions, only if the MGR role is set in the session
D.
SCOTT sessions, only if the MGR role is granted to SCOTT
E.
SCOTT sessions, because he is the owner of the table
F.
SYSTEM session, only if the MGR role is set in the session
Explanation:
* SYS_CONTEXT
This is a twist on the SYS_CONTEXT function as it does not use USERENV. With this usage SYS_CONTEXT
queries the list of the user’s current default roles and returns TRUE if the role is granted.
Example:
SYS_CONTEXT(‘SYS_SESSION_ROLES’, ‘SUPERVISOR’)
conn scott/tiger@pdborcl
SELECT sys_context(‘SYS_SESSION_ROLES’, ‘RESOURCE’)
FROM dual;
SYS_CONTEXT(‘SYS_SESSION_ROLES’,’SUPERVISOR’)
———————————————
FALSE
conn sys@pdborcl as sysdba
GRANT resource TO scott;
conn scott/tiger@pdborcl
SELECT sys_context(‘SYS_SESSION_ROLES’, ‘RESOURCE’)
FROM dual;
SYS_CONTEXT(‘SYS_SESSION_ROLES’,’SUPERVISOR’)
———————————————
TRUE
The correct answer should be A, B, and D.
https://docs.oracle.com/cd/E11882_01/network.112/e40393/redaction_guidelines.htm#ASOAG360